Skip to main content

How it works

After OAuth completes, Trevi stores credentials and issues a one-time token. Your client exchanges that token at /connect/credentials to retrieve safe connection metadata.

Why it matters

This keeps secrets out of URLs and browser history. Use the exchange token immediately and do not store it.